<!DOCTYPE html>
<html>
  <head>
    <title>Referrer Policy: CSP 'referrer' directive should not be supported</title>
    <meta http-equiv="Content-Security-Policy" content="referrer no-referrer">
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <!-- Common global functions for referrer-policy tests. -->
    <script src="/common/security-features/resources/common.sub.js"></script>
  </head>
  <body>
    <h1>Referrer Policy: CSP 'referrer' directive should not be supported</h1>
    <p>CSP used to have a 'referrer' directive to set a Referrer Policy. This directive has been removed and should not be supported.</p>

    <pre id="received_message">Running...</pre>

    <script>
      promise_test(function() {
        var urlPath = '/common/security-features/subresource/image.py?cache_destroyer=' + (new Date()).getTime();
        return requestViaImage(urlPath, null, 'always')
          .then(function(message) {
            assert_equals(message.referrer, document.location.href);
          });
      }, "Image has a referrer despite CSP 'referrer' directive");
    </script>

    <div id="log"></div>
  </body>
</html>
